Examples with FalsePositiveMetaData com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData used on opensource projects

Search in sources :

Example 11 with FalsePositiveMetaData

use of com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData in project sechub by mercedes-benz.

the class SerecoFalsePositiveFinderTest method web_scan_triggers_webscan_strategy_and_uses_its_result.

@Test
public void web_scan_triggers_webscan_strategy_and_uses_its_result() {
    /* prepare */
    /* @formatter:off */
    SerecoVulnerability vulnerability = TestSerecoVulnerabilityBuilder.builder().name("name1").webScan().end().build();
    /* @formatter:on */
    FalsePositiveMetaData metaData = fetchFirstEntryMetaDataOfExample3();
    when(webScanStrategy.isFalsePositive(vulnerability, metaData)).thenReturn(yesItIsAFalsePositive);
    /* execute */
    boolean strategyResult = finderToTest.isFound(vulnerability, metaData);
    /* test */
    verify(webScanStrategy).isFalsePositive(vulnerability, metaData);
    assertEquals(yesItIsAFalsePositive, strategyResult);
    // additional check that other strategy is not called here
    verify(codeScanStrategy, never()).isFalsePositive(vulnerability, metaData);
}
Also used : FalsePositiveMetaData(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData) SerecoVulnerability(com.mercedesbenz.sechub.sereco.metadata.SerecoVulnerability) Test(org.junit.Test)

Example 12 with FalsePositiveMetaData

use of com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData in project sechub by mercedes-benz.

the class SerecoFalsePositiveFinderTest method infrascan_triggers_not_codescanstrategy.

@Test
public void infrascan_triggers_not_codescanstrategy() {
    /* prepare */
    /* @formatter:off */
    SerecoVulnerability vulnerability = TestSerecoVulnerabilityBuilder.builder().name("name1").infraScan().end().build();
    /* @formatter:on */
    FalsePositiveMetaData metaData = fetchFirstEntryMetaDataOfExample3();
    /* execute */
    finderToTest.isFound(vulnerability, metaData);
    /* test */
    verify(codeScanStrategy, never()).isFalsePositive(vulnerability, metaData);
}
Also used : FalsePositiveMetaData(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData) SerecoVulnerability(com.mercedesbenz.sechub.sereco.metadata.SerecoVulnerability) Test(org.junit.Test)

Example 13 with FalsePositiveMetaData

use of com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData in project sechub by mercedes-benz.

the class SerecoFalsePositiveFinderTest method fetchFirstEntryMetaDataOfExample3.

private FalsePositiveMetaData fetchFirstEntryMetaDataOfExample3() {
    String json = ScanProductSerecoTestFileSupport.getTestfileSupport().loadTestFile("false_positives/scan_false_positive_config_example3.json");
    FalsePositiveProjectConfiguration config = FalsePositiveProjectConfiguration.fromJSONString(json);
    FalsePositiveEntry entry = config.getFalsePositives().get(0);
    // sanity check, means correct entry...
    assertEquals("entry-1", entry.getJobData().getComment());
    FalsePositiveMetaData metaData = entry.getMetaData();
    return metaData;
}
Also used : FalsePositiveEntry(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveEntry) FalsePositiveMetaData(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData) FalsePositiveProjectConfiguration(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveProjectConfiguration)

Example 14 with FalsePositiveMetaData

use of com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData in project sechub by mercedes-benz.

the class SerecoFalsePositiveMarkerTest method a_codescan_triggers_NOT_falsePositiveFinder_for_fp_setting_for_webscan.

@Test
public void a_codescan_triggers_NOT_falsePositiveFinder_for_fp_setting_for_webscan() {
    /* prepare */
    FalsePositiveMetaData metaData = addEntryAndReturnMetaData(projectConfig, ScanType.WEB_SCAN);
    config.setData(projectConfig.toJSON());
    List<SerecoVulnerability> all = new ArrayList<>();
    SerecoVulnerability v1 = addVulnerability(all, ScanType.CODE_SCAN);
    /* execute */
    markerToTest.markFalsePositives(PROJECT_ID, all);
    /* test */
    verify(falsePositiveFinder, never()).isFound(v1, metaData);
}
Also used : FalsePositiveMetaData(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData) SerecoVulnerability(com.mercedesbenz.sechub.sereco.metadata.SerecoVulnerability) ArrayList(java.util.ArrayList) Test(org.junit.Test)

Example 15 with FalsePositiveMetaData

use of com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData in project sechub by mercedes-benz.

the class SerecoFalsePositiveMarkerTest method addEntryAndReturnMetaData.

private FalsePositiveMetaData addEntryAndReturnMetaData(FalsePositiveProjectConfiguration projectConfig, ScanType scanType) {
    List<FalsePositiveEntry> fp = projectConfig.getFalsePositives();
    FalsePositiveEntry e = new FalsePositiveEntry();
    FalsePositiveMetaData metaData = new FalsePositiveMetaData();
    metaData.setScanType(scanType);
    e.setMetaData(metaData);
    fp.add(e);
    return metaData;
}
Also used : FalsePositiveEntry(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveEntry) FalsePositiveMetaData(com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData)

Aggregations

FalsePositiveMetaData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveMetaData)18 Test (org.junit.Test)13 SerecoVulnerability (com.mercedesbenz.sechub.sereco.metadata.SerecoVulnerability)12 FalsePositiveEntry (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveEntry)4 ArrayList (java.util.ArrayList)4 FalsePositiveProjectConfiguration (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveProjectConfiguration)3 ScanType (com.mercedesbenz.sechub.commons.model.ScanType)1 FalsePositiveCodeMetaData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveCodeMetaData)1 FalsePositiveCodePartMetaData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveCodePartMetaData)1 FalsePositiveJobData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveJobData)1 FalsePositiveWebMetaData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveWebMetaData)1 FalsePositiveWebRequestMetaData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveWebRequestMetaData)1 FalsePositiveWebResponseMetaData (com.mercedesbenz.sechub.domain.scan.project.FalsePositiveWebResponseMetaData)1 UseCaseRestDoc (com.mercedesbenz.sechub.sharedkernel.usecases.UseCaseRestDoc)1 UseCaseUserFetchesFalsePositiveConfigurationOfProject (com.mercedesbenz.sechub.sharedkernel.usecases.user.execute.UseCaseUserFetchesFalsePositiveConfigurationOfProject)1 Date (java.util.Date)1 UUID (java.util.UUID)1 WebMvcTest (org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial